IxKx.pdb
Static task
static1
Behavioral task
behavioral1
Sample
d56e9061e7f6df6e094d1582d817c381f8ce9ac6c3925cba5da96464487a18b7.exe
Resource
win7-20240215-en
General
-
Target
c77b45b902fb66b1bda25f0c9f32c152.bin
-
Size
608KB
-
MD5
73d5010ec747cb75d2792de09dfd5b10
-
SHA1
098b39fac2e0b182403d1e42c75294822da5f96d
-
SHA256
701fa689d6a4a6ae409e5e1cc427e1a46707090dea6a3efc446c72dcb42637d6
-
SHA512
0cf60e5e888b81e66cddce33ed482c33a7ab89b9408b0c7271189196e8844e3e94f9e6dc9ce96f82913de49c237694d4111f566ec2bccb94e6c61108c84db6c3
-
SSDEEP
12288:R3bfmPcXCHTr+/uMBNo/2EEgjK4dyAKI3GS+/7TEy0aBM0gB:Ff5XCzr0BNoLNK4hP+/FjgB
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/d56e9061e7f6df6e094d1582d817c381f8ce9ac6c3925cba5da96464487a18b7.exe
Files
-
c77b45b902fb66b1bda25f0c9f32c152.bin.zip
Password: infected
-
d56e9061e7f6df6e094d1582d817c381f8ce9ac6c3925cba5da96464487a18b7.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 614KB - Virtual size: 613KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ